Repository: cxf-fediz Updated Branches: refs/heads/master 3aab9a328 -> 799d27485
[FEDIZ-134] Signing id tokem with RS256 Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/799d2748 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/799d2748 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/799d2748 Branch: refs/heads/master Commit: 799d274855394557d7b314ac5254c767f8e148d9 Parents: 3aab9a3 Author: Sergey Beryozkin <[email protected]> Authored: Thu Nov 12 18:22:16 2015 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Thu Nov 12 18:22:16 2015 +0000 ---------------------------------------------------------------------- .../oidc/PrivateKeyPasswordProviderImpl.java | 38 +++++++++++++++++++ services/oidc/src/main/resources/oidc.jks | Bin 0 -> 3984 bytes .../src/main/resources/rs.security.properties | 11 +++--- .../main/webapp/WEB-INF/applicationContext.xml | 4 +- 4 files changed, 45 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java new file mode 100644 index 0000000..0e0b9d3 --- /dev/null +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/PrivateKeyPasswordProviderImpl.java @@ -0,0 +1,38 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.fediz.service.oidc; + +import java.util.Properties; + +import org.apache.cxf.rs.security.jose.common.PrivateKeyPasswordProvider; + +public class PrivateKeyPasswordProviderImpl implements PrivateKeyPasswordProvider { + + private String password = "password"; + + @Override + public char[] getPassword(Properties props) { + return password.toCharArray(); + } + + public void setPassword(String password) { + this.password = password; + } + +} http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/resources/oidc.jks ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/resources/oidc.jks b/services/oidc/src/main/resources/oidc.jks new file mode 100644 index 0000000..9b8c450 Binary files /dev/null and b/services/oidc/src/main/resources/oidc.jks differ http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/resources/rs.security.properties ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/resources/rs.security.properties b/services/oidc/src/main/resources/rs.security.properties index 4a2b608..0b6766b 100644 --- a/services/oidc/src/main/resources/rs.security.properties +++ b/services/oidc/src/main/resources/rs.security.properties @@ -15,11 +15,10 @@ # specific language governing permissions and limitations # under the License. -#rs.security.keystore.type=jks -#rs.security.keystore.password=password -#rs.security.keystore.alias=alice -#rs.security.keystore.file=org/apache/cxf/systest/jaxrs/security/certs/alice.jks +rs.security.keystore.type=jks +rs.security.keystore.password=password +rs.security.keystore.alias=alice +rs.security.keystore.file=oidc.jks #rs.security.encryption.content.algorithm=A128GCM #rs.security.encryption.key.algorithm=RSA-OAEP -#rs.security.signature.algorithm=RS256 -rs.security.signature.algorithm=none +rs.security.signature.algorithm=RS256 http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/799d2748/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml index 5586c93..4520c21 100644 --- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml +++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml @@ -38,12 +38,12 @@ </jaxrs:providers> <jaxrs:properties> <entry key="rs.security.signature.properties" value="rs.security.properties"/> - <!-- <entry key="rs.security.signature.key.password.provider" value-ref="keyPasswordProvider"/> - --> </jaxrs:properties> </jaxrs:server> + <bean id="keyPasswordProvider" class="org.apache.cxf.fediz.service.oidc.PrivateKeyPasswordProviderImpl"/> + <jaxrs:server address="/client"> <jaxrs:serviceBeans> <bean id="clientRegService" class="org.apache.cxf.fediz.service.oidc.ClientRegistrationService">
